<?php

include "funct.php";

if (!isset($_SESSION["admin"]))
	iesire();

if (isset($_POST["a_site"])) {
	clean($_POST["a_site"]);
	switch ($_POST["a_site"]) {
		case "1": {
				$rezultat = mysql_query("select * from " . $db["config"] . " where optiune='a_site'");
				if (mysql_num_rows($rezultat) == 0)
					mysql_query("insert into " . $db["config"] . " set optiune='a_site', value='1'");
				else
					mysql_query("update " . $db["config"] . " set value='1' where optiune='a_site'");
				break;
			}
		case "2": {
				$rezultat = mysql_query("select * from " . $db["config"] . " where optiune='a_site'");
				if (mysql_num_rows($rezultat) == 0)
					mysql_query("insert into " . $db["config"] . " set optiune='a_site', value='2'");
				else
					mysql_query("update " . $db["config"] . " set value='2' where optiune='a_site'");
				break;
			}
		default : {
				iesire();
				break;
			}
	}
}

if (isset($_POST["banner-top"]) && strlen($_POST["banner-top"]) > 4) {
	$rezultat = mysql_query("select * from " . $db["banner"] . " where name='banner-top'");
	if (mysql_num_rows($rezultat) > 0)
		mysql_query("update " . $db["banner"] . " set content='" . $_POST["banner-top"] . "' where name='banner-top'");
	else
		mysql_query("insert into " . $db["banner"] . " set name='banner-top', content='" . $_POST["banner-top"] . "'");
}
if (isset($_POST["banner-right"]) && strlen($_POST["banner-right"]) > 4) {
	$rezultat = mysql_query("select * from " . $db["banner"] . " where name='banner-right'");
	if (mysql_num_rows($rezultat) > 0)
		mysql_query("update " . $db["banner"] . " set content='" . $_POST["banner-right"] . "' where name='banner-right'");
	else
		mysql_query("insert into " . $db["banner"] . " set name='banner-right', content='" . $_POST["banner-right"] . "'");
}
if (isset($_POST["delete-user"]) && strlen($_POST["delete-user"]) > 4) {
	clean($_POST["delete-user"]);
	$rezultat = mysql_query("select * from " . $db["users"] . " where name='" . $_POST["delete-user"] . "'");
	$rand = mysql_fetch_array($rezultat);
	if (count($rand) > 0) {
		mysql_query("delete from " . $db["users"] . " where name='" . $_POST["delete-user"] . "'");
		mysql_query("delete from " . $db["rooms"] . " where user='" . $rand["id"] . "' or user2='" . $rand["id"] . "'");
		mysql_query("delete from " . $db["messages"] . " where user='" . $rand["id"] . "'");
	}
}
if (isset($_POST["suspend-user"]) && strlen($_POST["suspend-user"])) {
	mysql_query("update " . $db["users"] . " set function='suspend' where name='" . clean($_POST["suspend-user"]) . "'");
}
if (isset($_POST["un-suspend-user"]) && strlen($_POST["un-suspend-user"])) {
	mysql_query("update " . $db["users"] . " set function='player' where name='" . clean($_POST["un-suspend-user"]) . "'");
}
if (isset($_POST["battless-played"]) && strlen($_POST["battless-played"]) > 0) {
	$rezultat = mysql_query("select * from " . $db["config"] . " where optiune='battless_played'");
	if (mysql_num_rows($rezultat) > 0)
		mysql_query("update " . $db["config"] . " set value='" . ((int) (clean($_POST["battless-played"]))) . "' where optiune='battless_played'");
	else
		mysql_query("insert into " . $db["config"] . " set value='" . ((int) (clean($_POST["battless-played"]))) . "', optiune='battless_played' ");
}
if (isset($_POST["time-battless1"]) && strlen($_POST["time-battless1"]) > 0) {
	$rezultat = mysql_query("select * from " . $db["config"] . " where optiune='time_battle1'");
	if (mysql_num_rows($rezultat) > 0)
		mysql_query("update " . $db["config"] . " set value='" . (int) (clean($_POST["time-battless1"])) . "' where optiune='time_battle1'");
	else
		mysql_query("insert into " . $db["config"] . " set value='" . (int) (clean($_POST["time-battless1"])) . "', optiune='time_battle1'");
}
if (isset($_POST["time-battless2"]) && strlen($_POST["time-battless2"]) > 0) {
	$rezultat = mysql_query("select * from " . $db["config"] . " where optiune='time_battle2'");
	if (mysql_num_rows($rezultat) > 0)
		mysql_query("update " . $db["config"] . " set value='" . (int) (clean($_POST["time-battless2"])) . "' where optiune='time_battle2'");
	else
		mysql_query("insert into " . $db["config"] . " set value='" . (int) (clean($_POST["time-battless2"])) . "' where optiune='time_battle2'");
}

header("Location: logged.php");
?>
